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IN THE DRAWINGS 

Please amend Figure 15 as indicated in red ink in the attached marked-up Figure 15. 
A substitute set of formal drawings is included herewith. 
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SUBJECT SENDS ITS PUBLIC KEY AND 
IDENTIFICATION ATTRIBUTES TO 
REGISTRATION AUTHORITY 



-102 



SUBJECT DEMONSTRATES 
KNOWLEDGE OF THE PRIVATE KEY 
ASSOCIATED WITH ITS PUBLIC KEY 
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SUBJECT DEMONSTRATES TO 
REGISTRATION AUTHORITY THAT 
IDENTIFICATION ATTRIBUTES APPLY 
TO SUBJECT 
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REGISTRATION AUTHORITY 
CREATES UNSIGNED CERTIFICATE 
AND STORES UNSIGNED 
CERTIFICATE IN CERTIFICATE 
DATABASE 
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REGISTRATION AUTHORITY SENDS 
UNSIGNED CERTIFICATE TO SUBJECT 
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REGISTRATION AUTHORITY 
COMPUTES CRYPTOGRAPHIC HASH OF 
UNSIGNED CERTIFICATE 
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CREDENTIALS SERVER STORES 
CRYPTOGRAPHIC HASH COMPUTED IN 
STEP 1 10 IN ITS HASH TABLE 
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Fig. 4 
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SUBJECT SENDS MESSAGE TO 
CREDENTIALS SERVER 
CONTAINING UNSIGNED 
CERTIFICATE AND REQUESTING 
THAT A SHORT-TERM DISPOSABLE 
CERTIFICATE BE ISSUED AGAINST 
UNSIGNED CERTIFICATE 
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CREDENTIALS SERVER COMPUTES 

THE CRYPTOGRAPHIC HASH OF 
THE UNSIGNED CERTIFICATE AND 
VERIFIES THAT THE COMPUTED 
CRYPTOGRAPHIC HASH IS 
PRESENT IN HASH TABLE 
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CREDENTIALS SERVER CREATES A 
SHORT-TERM DISPOSABLE 
CERTIFICATE AND SENDS THE 
SHORT-TERM DISPOSABLE 
CERTIFICATE TO SUBJECT 
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SUBJECT SENDS SHORT- 
TERM DISPOSABLE 
CERTIFICATE TO VERIFIER 
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SUBJECT DEMONSTRATES 

KNOWLEDGE OF THE 
PRIVATE KEY ASSOCIATED 
WITH THE PUBLIC KEY IN 

THE SHORT-TERM 
DISPOSABLE CERTIFICATE 
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VERIFIER VERIFIES THAT 
THE EXPIRATION 
DATE/TIME IN SHORT-TERM 
DISPOSABLE CERTIFICATE 
HAS NOT EXPIRED 



•304 



VERIFIER USES PUBLIC KEY 
OF CREDENTIALS SERVER 
TO VERIFY SIGNATURE ON 
SHORT-TERM DISPOSABLE 
CERTIFICATE 
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REGISTRATION AUTHORITY 
OBTAINS UNSIGNED 
CERTIFICATE FROM 
CERTIFICATE DATABASE AND 
COMPUTES CRYPTOGRAPHIC 
HASH OF THE UNSIGNED 
CERTICICATE 
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REGISTRATION AUTHORITY 
SENDS A MESSAGE TO 
CREDENTIALS SERVER 

CONTAINING THE 
CRYPTOGRAPHIC HASH 
COMPUTED IN STEP 402 AND 
REQUESTS THAT THE 
CREDENTIALS SERVER REMOVE 
THE CRYPTOGRAPHIC HASH 
FROM THE HASH TABLE 
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CREDENTIALS SERVER 

REMOVES THE 
CRYPTOGRAPHIC HASH 
RECEIVED IN STEP 404 FROM ITS 
HASH TABLE 
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Fig. 7 
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SUBJECT/CLIENT SENDS A MESSAGE TO 
CREDENTIALS SERVER CONTAINING 
UNSIGNED CERTIFICATE AND REQUESTING 
THAT A SHORT-TERM DISPOSABLE 
CERTIFICATE BE ISSUED AGAINST 
UNSIGNED CERTIFICATE 
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CREDENTIALS SERVER COMPUTES 
CRYPTOGRAPHIC HASH OF UNSIGNED 
CERTIFICATE AND VERIFIES THAT THE 
COMPUTED CRYPTOGRAPHIC HASH IS 
PRESENT IN HASH TABLE 
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CREDENTIALS SERVER ACCESSES THE 
DIRECTORY AND OBTAINS AUTHORIZATION 
INFORMATION 
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CREDENTIALS SERVER USES THE 
AUTHORIZATON INFORMATION OBTAINED 
IN STEP 506 AND IDENTIFICATION 
ATTRIBUTES CONTAINED IN THE UNSIGNED 
CERTIFICATE TO CREATE A 
CRYPTOGRAPHIC FOLDER FOR EACH 
VERIFIER/APPLICATION THAT MAY BE 
ACCESSED BY THE SUBJECT/CLIENT AND 
CREATES A STRUCTURED SHORT-TERM 
DISPOSABLE CERTIFICATE 
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CREDENTIALS SERVER SENDS THE 
STRUCTURED SHORT-TERM DISPOSABLE 
CERTIFICATE TO THE SUBJECT/CLIENT WITH 
ALL ITS FOLDERS OPEN 
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SUBJECT/CLIENT CLOSES ALL FOLDERS IN 
SHORT-TERM DISPOSABLE CERTIFICATE 
EXCEPT THE FOLDER THAT CONTAINS 
INFORMATION NEEDED BY THE 
VERIFIER/APPLICATION FOR AUTHORIZATION 
OF THE CLIENT 
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SUBJECT/CLIENT SENDS SHORT-TERM 
DISPOSABLE CERTIFICATE TO THE 
VERIFIER/APPLICATION 


> 


t 


VERIFIER/APPLICATION VERIFIES THAT THE 
EXPIRATION DATE/TIME OF THE SHORT-TERM " 
DISPOSABLE CERTIFICATE HAS NOT EXPIRED 


> 


t 


VERIFIER/APPLICATION USES PUBLIC KEY OF 
CREDENTIALS SERVER TO VERIFY SIGNATURE 
ON SHORT-TERM DISPOSABLE CERTIFICATE 
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SUBJECT/CLIENT DEMONSTRATES KNOWLEDGE 
OF THE PRIVATE KEY ASSOCIATED WITH THE 
PUBLIC KEY IN THE SHORT-TERM DISPOSABLE 

CERTIFICATE 
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J 

VERIFIER/APPLICATION USES THE 
AUTHORIZATION/IDENTIFICATION 
INFORMATION CONTAINED IN THE OPEN 
FOLDER OF THE SHORT-TERM DISPOSABLE 
CERTIFICATE TO MAKE AUTHORIZATION 
DECISIONS CONCERNING THE SUBJECT/CLIENT 
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